This patch set re-applies the RFC2868 patch by Ghennadi Procopciuc #47

Open
wants to merge 2 commits into
base: master
2 changes: 1 addition & 1 deletion etc/Makefile.am
Expand Up @@ -16,7 +16,7 @@ sbindir = @sbindir@
pkgsysconfdir = @pkgsysconfdir@
pkgsysconf_DATA = issue port-id-map radiusclient.conf \
dictionary dictionary.ascend dictionary.compat dictionary.merit \
dictionary.sip
dictionary.sip dictionary.rfc2868

EXTRA_DIST = issue port-id-map dictionary dictionary.ascend \
dictionary.compat dictionary.merit servers radiusclient.conf.in \
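Review bot: The new dictionary may be missing from release tarballs, because the hunk lists `dictionary.rfc2868` in `pkgsysconf_DATA` only and the visible `EXTRA_DIST` lines are unchanged. This file has a single added line, so unless the name already appears in the part of `EXTRA_DIST` that continues past the hunk, `make dist` will not ship it; Automake does not distribute plain `_DATA` files by default. I would add `dictionary.rfc2868` to the `EXTRA_DIST` list as well.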
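--- a/etc/dictionary.rfc2868
+++ b/etc/dictionary.rfc2868
@@ -0,0 +1,298 @@
+# Contributed by Ghennadi Procopciuc <gprocopciuc@ixiacom.com>
+#
+
+ATTRIBUTE User-Name 1 string
+ATTRIBUTE Password 2 string
+ATTRIBUTE CHAP-Password 3 string
+ATTRIBUTE NAS-IP-Address 4 ipaddr
+ATTRIBUTE NAS-Port-Id 5 integer
+ATTRIBUTE Service-Type 6 integer
+ATTRIBUTE Framed-Protocol 7 integer
+ATTRIBUTE Framed-IP-Address 8 ipaddr
+ATTRIBUTE Framed-IP-Netmask 9 ipaddr
+ATTRIBUTE Framed-Routing 10 integer
+ATTRIBUTE Filter-Id 11 string
+ATTRIBUTE Framed-MTU 12 integer
+ATTRIBUTE Framed-Compression 13 integer
+ATTRIBUTE Login-IP-Host 14 ipaddr
+ATTRIBUTE Login-Service 15 integer
+ATTRIBUTE Login-TCP-Port 16 integer
+ATTRIBUTE Reply-Message 18 string
+ATTRIBUTE Callback-Number 19 string
+ATTRIBUTE Callback-Id 20 string
+ATTRIBUTE Framed-Route 22 string
+ATTRIBUTE Framed-IPX-Network 23 ipaddr
+ATTRIBUTE State 24 string
+ATTRIBUTE Class 25 string
+ATTRIBUTE Vendor-Specific 26 string
+ATTRIBUTE Session-Timeout 27 integer
+ATTRIBUTE Idle-Timeout 28 integer
+ATTRIBUTE Termination-Action 29 integer
+ATTRIBUTE Called-Station-Id 30 string
+ATTRIBUTE Calling-Station-Id 31 string
+ATTRIBUTE NAS-Identifier 32 string
+ATTRIBUTE Proxy-State 33 string
+ATTRIBUTE Login-LAT-Service 34 string
+ATTRIBUTE Login-LAT-Node 35 string
+ATTRIBUTE Login-LAT-Group 36 string
+ATTRIBUTE Framed-AppleTalk-Link 37 integer
+ATTRIBUTE Framed-AppleTalk-Network 38 integer
+ATTRIBUTE Framed-AppleTalk-Zone 39 string
+ATTRIBUTE Acct-Status-Type 40 integer
+ATTRIBUTE Acct-Delay-Time 41 integer
+ATTRIBUTE Acct-Input-Octets 42 integer
+ATTRIBUTE Acct-Output-Octets 43 integer
+ATTRIBUTE Acct-Session-Id 44 string
+ATTRIBUTE Acct-Authentic 45 integer
+ATTRIBUTE Acct-Session-Time 46 integer
+ATTRIBUTE Acct-Input-Packets 47 integer
+ATTRIBUTE Acct-Output-Packets 48 integer
+ATTRIBUTE Acct-Terminate-Cause 49 integer
+ATTRIBUTE Acct-Multi-Session-Id 50 string
+ATTRIBUTE Acct-Link-Count 51 integer
+ATTRIBUTE Acct-Input-Gigawords 52 integer
+ATTRIBUTE Acct-Output-Gigawords 53 integer
+ATTRIBUTE Event-Timestamp 55 integer
+ATTRIBUTE CHAP-Challenge 60 string
+ATTRIBUTE NAS-Port-Type 61 integer
+ATTRIBUTE Port-Limit 62 integer
+ATTRIBUTE Login-LAT-Port 63 integer
+ATTRIBUTE Connect-Info 77 string
+
+#
+# RFC3162 IPv6 attributes
+#
+ATTRIBUTE NAS-IPv6-Address 95 string
+ATTRIBUTE Framed-Interface-Id 96 string
+ATTRIBUTE Framed-IPv6-Prefix 97 ipv6prefix
+ATTRIBUTE Login-IPv6-Host 98 string
+ATTRIBUTE Framed-IPv6-Route 99 string
+ATTRIBUTE Framed-IPv6-Pool 100 string
+
+#
+# RFC6911 IPv6 attributes
+#
+ATTRIBUTE Framed-IPv6-Address 168 ipv6addr
+ATTRIBUTE DNS-Server-IPv6-Address 169 ipv6addr
+ATTRIBUTE Route-IPv6-Information 170 ipv6prefix
+
+#
+# Experimental Non Protocol Attributes used by Cistron-Radiusd
+#
+ATTRIBUTE Huntgroup-Name 221 string
+ATTRIBUTE User-Category 1029 string
+ATTRIBUTE Group-Name 1030 string
+ATTRIBUTE Simultaneous-Use 1034 integer
+ATTRIBUTE Strip-User-Name 1035 integer
+ATTRIBUTE Fall-Through 1036 integer
+ATTRIBUTE Add-Port-To-IP-Address 1037 integer
+ATTRIBUTE Exec-Program 1038 string
+ATTRIBUTE Exec-Program-Wait 1039 string
+ATTRIBUTE Hint 1040 string
+
+#
+# Non-Protocol Attributes
+# These attributes are used internally by the server
+#
+ATTRIBUTE Expiration 21 date
+ATTRIBUTE Auth-Type 1000 integer
+ATTRIBUTE Menu 1001 string
+ATTRIBUTE Termination-Menu 1002 string
+ATTRIBUTE Prefix 1003 string
+ATTRIBUTE Suffix 1004 string
+ATTRIBUTE Group 1005 string
+ATTRIBUTE Crypt-Password 1006 string
+ATTRIBUTE Connect-Rate 1007 integer
+
+#
+# Integer Translations
+#
+
+# User Types
+
+VALUE Service-Type Login-User 1
+VALUE Service-Type Framed-User 2
+VALUE Service-Type Callback-Login-User 3
+VALUE Service-Type Callback-Framed-User 4
+VALUE Service-Type Outbound-User 5
+VALUE Service-Type Administrative-User 6
+VALUE Service-Type NAS-Prompt-User 7
+VALUE Service-Type Authenticate-Only 8
+VALUE Service-Type Callback-NAS-Prompt 9
+VALUE Service-Type Call-Check 10
+VALUE Service-Type Callback-Administrative 11
+
+# Framed Protocols
+
+VALUE Framed-Protocol PPP 1
+VALUE Framed-Protocol SLIP 2
+VALUE Framed-Protocol ARAP 3
+VALUE Framed-Protocol GANDALF-SLMLP 4
+VALUE Framed-Protocol XYLOGICS-IPX-SLIP 5
+VALUE Framed-Protocol X75 6
+
+# Framed Routing Values
+
+VALUE Framed-Routing None 0
+VALUE Framed-Routing Broadcast 1
+VALUE Framed-Routing Listen 2
+VALUE Framed-Routing Broadcast-Listen 3
+
+# Framed Compression Types
+
+VALUE Framed-Compression None 0
+VALUE Framed-Compression Van-Jacobson-TCP-IP 1
+VALUE Framed-Compression IPX-Header 2
+VALUE Framed-Compression Stac-LZS 3
+
+# Login Services
+
+VALUE Login-Service Telnet 0
+VALUE Login-Service Rlogin 1
+VALUE Login-Service TCP-Clear 2
+VALUE Login-Service PortMaster 3
+VALUE Login-Service LAT 4
+VALUE Login-Service X.25-PAD 5
+VALUE Login-Service X.25-T3POS 6
+VALUE Login-Service TCP-Clear-Quiet 8
+
+# Status Types
+
+VALUE Acct-Status-Type Start 1
+VALUE Acct-Status-Type Stop 2
+VALUE Acct-Status-Type Alive 3
+VALUE Acct-Status-Type Accounting-On 7
+VALUE Acct-Status-Type Accounting-Off 8
+
+# Authentication Types
+
+VALUE Acct-Authentic RADIUS 1
+VALUE Acct-Authentic Local 2
+VALUE Acct-Authentic Remote 3
+
+# Termination Options
+
+VALUE Termination-Action Default 0
+VALUE Termination-Action RADIUS-Request 1
+
+# NAS Port Types, available in 3.3.1 and later
+
+VALUE NAS-Port-Type Async 0
+VALUE NAS-Port-Type Sync 1
+VALUE NAS-Port-Type ISDN 2
+VALUE NAS-Port-Type ISDN-V120 3
+VALUE NAS-Port-Type ISDN-V110 4
+VALUE NAS-Port-Type Virtual 5
+VALUE NAS-Port-Type PIAFS 6
+VALUE NAS-Port-Type HDLC-Clear-Channel 7
+VALUE NAS-Port-Type X.25 8
+VALUE NAS-Port-Type X.75 9
+VALUE NAS-Port-Type G.3-Fax 10
+VALUE NAS-Port-Type SDSL 11
+VALUE NAS-Port-Type ADSL-CAP 12
+VALUE NAS-Port-Type ADSL-DMT 13
+VALUE NAS-Port-Type IDSL 14
+VALUE NAS-Port-Type Ethernet 15
+
+# Acct Terminate Causes, available in 3.3.2 and later
+
+VALUE Acct-Terminate-Cause User-Request 1
+VALUE Acct-Terminate-Cause Lost-Carrier 2
+VALUE Acct-Terminate-Cause Lost-Service 3
+VALUE Acct-Terminate-Cause Idle-Timeout 4
+VALUE Acct-Terminate-Cause Session-Timeout 5
+VALUE Acct-Terminate-Cause Admin-Reset 6
+VALUE Acct-Terminate-Cause Admin-Reboot 7
+VALUE Acct-Terminate-Cause Port-Error 8
+VALUE Acct-Terminate-Cause NAS-Error 9
+VALUE Acct-Terminate-Cause NAS-Request 10
+VALUE Acct-Terminate-Cause NAS-Reboot 11
+VALUE Acct-Terminate-Cause Port-Unneeded 12
+VALUE Acct-Terminate-Cause Port-Preempted 13
+VALUE Acct-Terminate-Cause Port-Suspended 14
+VALUE Acct-Terminate-Cause Service-Unavailable 15
+VALUE Acct-Terminate-Cause Callback 16
+VALUE Acct-Terminate-Cause User-Error 17
+VALUE Acct-Terminate-Cause Host-Request 18
+
+#
+# Non-Protocol Integer Translations
+#
+
+VALUE Auth-Type Local 0
+VALUE Auth-Type System 1
+VALUE Auth-Type SecurID 2
+VALUE Auth-Type Crypt-Local 3
+VALUE Auth-Type Reject 4
+
+#
+# Cistron extensions
+#
+VALUE Auth-Type Pam 253
+VALUE Auth-Type Accept 254
+
+#
+# Experimental Non-Protocol Integer Translations for Cistron-Radiusd
+#
+VALUE Fall-Through No 0
+VALUE Fall-Through Yes 1
+VALUE Add-Port-To-IP-Address No 0
+VALUE Add-Port-To-IP-Address Yes 1
+
+#
+# Configuration Values
+# uncomment these two lines to turn account expiration on
+#
+
+#VALUE Server-Config Password-Expiration 30
+#VALUE Server-Config Password-Warning 5
+
+#
+# RFC2868 attributes and values
+#
+ATTRIBUTE Tunnel-Type 64 integer has_tag
+ATTRIBUTE Tunnel-Medium-Type 65 integer has_tag
+ATTRIBUTE Tunnel-Client-Endpoint 66 string has_tag
+ATTRIBUTE Tunnel-Server-Endpoint 67 string has_tag
+
+ATTRIBUTE Tunnel-Password 69 string has_tag,encrypt=2
+
+ATTRIBUTE Tunnel-Private-Group-Id 81 string has_tag
+ATTRIBUTE Tunnel-Assignment-Id 82 string has_tag
+ATTRIBUTE Tunnel-Preference 83 integer has_tag
+
+ATTRIBUTE Tunnel-Client-Auth-Id 90 string has_tag
+ATTRIBUTE Tunnel-Server-Auth-Id 91 string has_tag
+
+# Tunnel Type
+
+VALUE Tunnel-Type PPTP 1
+VALUE Tunnel-Type L2F 2
+VALUE Tunnel-Type L2TP 3
+VALUE Tunnel-Type ATMP 4
+VALUE Tunnel-Type VTP 5
+VALUE Tunnel-Type AH 6
+VALUE Tunnel-Type IP 7
+VALUE Tunnel-Type MIN-IP 8
+VALUE Tunnel-Type ESP 9
+VALUE Tunnel-Type GRE 10
+VALUE Tunnel-Type DVS 11
+VALUE Tunnel-Type IP-in-IP 12
+
+# Tunnel Medium Type
+
+VALUE Tunnel-Medium-Type IP 1
+VALUE Tunnel-Medium-Type X25 2
+VALUE Tunnel-Medium-Type ATM 3
+VALUE Tunnel-Medium-Type Frame-Relay 4
+VALUE Tunnel-Medium-Type BBN-1822 5
+VALUE Tunnel-Medium-Type IEEE-802 6
+VALUE Tunnel-Medium-Type E.163 7
+VALUE Tunnel-Medium-Type E.164 8
+VALUE Tunnel-Medium-Type F.69 9
+VALUE Tunnel-Medium-Type X.121 10
+VALUE Tunnel-Medium-Type IPX 11
+VALUE Tunnel-Medium-Type Appletalk 12
+VALUE Tunnel-Medium-Type DecNet-IV 13
+VALUE Tunnel-Medium-Type Banyan-Vines 14
+VALUE Tunnel-Medium-Type E.164-NSAP 15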
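Review bot: The `Tunnel-Medium-Type` names for values 2 to 4 (`X25`, `ATM`, `Frame-Relay`) do not match RFC 2868 section 3.2 as I read it, which assigns 2 to IPv6, 3 to NSAP and 4 to HDLC. Logs or policy that refer to these values by name would therefore label an IPv6 tunnel medium as X25. I would change the three lines to `VALUE Tunnel-Medium-Type IPv6 2`, `VALUE Tunnel-Medium-Type NSAP 3` and `VALUE Tunnel-Medium-Type HDLC 4`. The file also repeats the whole base attribute set, although its name suggests only the RFC 2868 additions; a header comment saying whether it replaces or supplements `dictionary` would help, since that relationship is not visible here.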
19 changes: 19 additions & 0 deletions include/freeradius-client.h
Expand Up @@ -369,11 +369,27 @@ typedef struct rc_conf rc_handle;

/* Server data structures */

typedef struct attr_flags
{
char has_tag; /* attribute allows tags */
signed char tag;
uint8_t encrypt; /* encryption method */
} ATTR_FLAGS;

/*
* Values of the encryption flags.
*/
#define FLAG_ENCRYPT_NONE (0)
#define FLAG_ENCRYPT_USER_PASSWORD (1)
#define FLAG_ENCRYPT_TUNNEL_PASSWORD (2)
#define FLAG_ENCRYPT_ASCEND_SECRET (3)

typedef struct dict_attr
{
char name[NAME_LENGTH + 1]; //!< attribute name.
int value; //!< attribute index.
int type; //!< string, int, etc..
ATTR_FLAGS flags;
struct dict_attr *next;
} DICT_ATTR;

Expand All @@ -399,6 +415,7 @@ typedef struct value_pair
int type;
uint32_t lvalue;
char strvalue[AUTH_STRING_LEN + 1];
ATTR_FLAGS flags;
struct value_pair *next;
} VALUE_PAIR;

Expand Down Expand Up @@ -463,6 +480,8 @@ int rc_avpair_tostr(rc_handle const *, VALUE_PAIR *, char *, int, char *, int);
char *rc_avpair_log(rc_handle const *, VALUE_PAIR *, char *buf, size_t buf_len);
VALUE_PAIR *rc_avpair_readin(rc_handle const *, FILE *);

int rc_tunnel_pwdecode(uint8_t *, int *, const char *, const char *);

/* buildreq.c */

void rc_buildreq(rc_handle const *, SEND_DATA *, int, char *, unsigned short, char *, int, int);
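Review bot: The new `rc_tunnel_pwdecode` prototype in the last hunk declares an in-place decoder with unnamed parameters, a signed `int *` length and no buffer capacity, so the header gives a caller no indication of which bounds apply. I would name and document the arguments, e.g. `int rc_tunnel_pwdecode(uint8_t *passwd, int *pwlen, const char *secret, const char *vector);`, with a comment saying what `*pwlen` holds on entry and on return and what the return value is for malformed input. The implementation is not in this section. It presumably has to reject inputs too short for the 2-octet salt plus the length octet, and an embedded length larger than the remaining data (RFC 2868 section 3.5), because the decoded value appears to end up in the fixed `strvalue[AUTH_STRING_LEN + 1]` buffer. Separately, inserting `ATTR_FLAGS flags` before `next` in the public `DICT_ATTR` and `VALUE_PAIR` structs changes their layout for applications built against the old header.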